Zabbix_logo_twitter_bigger

Zabbix Review
Extremely powerful and flexible but the auto-discovery function has room for improvement

1257
10

On a scale from 1-5 (1=worst, 5=best), how would you rate this product overall compared to similar products?
- In my experience there are two classes of network management systems, Open-source systems that are generally free, and commercial systems complete with support as well as some advanced self configuring features. Zabbix actually fits into both classes, but in my view it has more in common with the open source systems.
- Compared to SIMILAR products, I would give it a 5. This means as compared to similar open-source tools that do not have a strong network auto-discovery feature.
- By network auto-discovery, I mean features found in tools like SolarWinds, NetMRI and other commercial products that have part of the configuration work done in advance. For example, when I plug in NetMRI and give it a list of login/password combinations and an IP range, it is able to self-configure, finding most of my network gear automatically. Network discovery is a useful feature that can reduce the amount of time it takes to integrate a system.
- Zabbix does...

Disclosure: I am a real user, and this review is based on my own experience and opinions.


10 Comments

123_(3)
GamerboyReal User

Having used Nagios for a couple of years, I was seriously looking for something fresh that can handle issues found in Nagios, primarily some sort of out-of-the box system which can tackle current markets demands with ease. And Zabbix proved itself to be the one I've been looking for quite some time. There are still some improvements needed in the Reporting part, but overall I'm quite satisfied with Zabbix.

07/25/13
Anonymous_avatar_x30
nghlrengVendor

I've been using zabbix since version 1.6 and I have to its SNMP handling still isn't what it needs to be. It perfect if you want to do agent based monitoring but most companies tend to shy away from that due to some reasons. Although version 2.2 is claiming to cover up a lot of those loose ends but that remains to be seen

08/10/13
George-wenzel-li?1376406550
George WenzelReal User

Nghlreng,
There will always be room for improvement, of course. But I was curious what snmp shortcomings you were seeing. I've used Zabbix to extract data via SNMP, and while there was a learning curve at first, the biggest problem I found was performance. However I have seen two big performance bumps since I started with 1.4, so currently I haven't had performance issues in a while. But to be fair, my current installations are not as demanding as the first one I set up, which was to probe the end-user gateways on a wireless ISP network. In addition to pulling the numbers off of interface counters, I was collecting configuration data to validate that the clients were correctly configured. One of the things I did to improve performance was to collect some data less frequently if it was unlikely to be changing.

Something else I did was to do a lot of work to eliminate the need for agents for hosts that resisted the use of agents. Instead I wrote ssh scripts to collect data from the remote hosts. So not being able to run agents is not a show stopper. The amount of agent-based monitoring I do is very small compared to snmp monitoring I do.

08/12/13
Patrik-li?1376993267
PatrikConsultant

i agree on the snmp part
when sending snmp traps zabbix has nothing to catch them it will depend on the os for catching snmp traps.
However if u use snmp with lld for switches etc that works great !

reporting is defo not what it needs to be try for ex: try to make a report that tells u what servers had the hightest load in the last 2 weeks it's simply not easy to get out of zabbix.

one of the strenghts of nagios is that everything is in files so easy to script this is not possible with zabbix but on the other hand there is a great API that is well documented.

zabbix supports active and passive proxy's and they also supports nodes (full blown zabbix servers that acts as a proxy)

zabbix 2.2 is in alpha release atm and is fixing the biggest missing feature so far the addition of plugins. Once the community starts to write for zabbix i'm sure its going to boom even more !

08/21/13
George-wenzel-li?1376406550
George WenzelReal User

Well, if you discount Zabbix for not having the facilities for handling SNMP traps, then I suppose you may have to discount it for everything it uses the underlying OS and tools for. I never really saw that as a shortcoming, because first of all you /can/ use Zabbix for that, it just falls into a category of function that might best be accomplished by a more advanced user.

The largest problem with SNMP traps, as well as Syslog analysis, monitoring error logs, and similar functions is that Zabbix CAN do them, but a substantial amount of expert analysis is required to make sense of all of the possible messages. If you know what messages you are looking for, and it is a small finite number, then Zabbix is a fine tool for that, assuming you are comfortable enough with the work required to make that happen.

I haven't found any open source tools that can both receive this type of data AND make sense of it. It typically is in the realm of the /expensive/ commercial tools to have that sort of capability. The tool has to be able to decode the 10,000+ messages a vendor like Cisco might emit, multiplied by the number of equipment vendors out there. It is capabilities like this that are the reasons people consider some of those other tools. To put some perspective on it, a commercial installation of Zabbix was less than $10,000, including hardware, for a large enterprise network... while the higher-end tool makers were bidding prices approaching half a million dollars for the same network. But for half a million dollars what I got was a system that would "explain" to me why Dr. Smith heard a click while he was on a voip call sometime last week, and tell me what equipment isn't correctly configured by comparing all of my configurations with best practices.

But it is an interesting point, not only is Zabbix missing native SNMP trap reception, it is similarly missing native syslog reception. Syslog is normally part of the OS, and SNMP traps is a similar mechanism that is easily added to most OS's. But in all fairness, syslog and SNMP traps are both mechanisms by which our equipment send out calls for help, so at the very least the Zabbix team should create better documentation and support for integrating those facilities. One issue, with syslog, is that since it is already in the *nix os's, if Zabbix were to have native support you would have to disable the OS's syslog, which might be a problem. Moving syslog to a non-standard port might work, but many systems don't support non-standard syslog ports. SNMP traps are less of an issue, but if it can be done in the OS for free, why should the Zabbix team burn cycles reinventing the wheel? It is really just an integration problem, at least in my opinion. On the Zabbix wiki there are four different trap solutions spelled out, but they all fall into the semi-advanced category, requiring external daemons, and scripts to do part of the work. That extra work is a problem for some, and a godsend to others. The fact that Zabbix can process random information from different sources using a 3 line shell script is a great feature to me, but to the person that doesn't know how to author that script, those features are forever missing.

And at some point, the SNMP/syslog issue will them become "why isn't it better?" or "how do I make sense of 10,000 traps an hour?". Perhaps one of those new plug-ins will solve that one.

Plug-ins are an exciting new feature! I've always thought of Zabbix as being mostly complete, since I can launch my own scripts... isn't that a plugin? But after thinking about it some more, I realize that there is a lot of room for specialized add-ons... I'm looking forward to what add-ons might come from third parties down the road.

If this stuff was always easy, how much do you think they would pay us for doing this work?

08/21/13
Anonymous_avatar_x30
nghlrengVendor

With version 2.0.0 I had issues with dynamic indexes previous version also had this issue.

https://support.zabbix.com/browse/ZBX-3449

Although the ticket seems to be closed now. There were some perl scripts other people were using as a workaround

Also there was a LanMgr-Mib-II-MIB which I was using to monitor windows services and when they would go down. The problem here was that when the service was up SNMP would poll just fine but when the service went down the OID actually didn't return any value so Zabbix assumed it as an OID error and stopped checking for that OID until a specific interval of time which was a global value. Once the service was up the OID would return the value again. The work around to this was querying the database for the state of the trigger and decreasing the OID error interval time. There was a ticket for this as well but since I'm not working for the company anymore I don't have access to the complete information anymore. Snmptraps was also a pain to configure!

08/22/13
Patrik-li?1376993267
PatrikConsultant

@George Wenzel

well maybe i was a bit short. i'm defo not breaking zabbix for the snmp traps
u are right that support from the os is much better but the way snmp traps are catched now in zabbix is just not clear for first timers and a difficult task compared to other things in zabbix. When u install zabbix nothing is telling u that u have to rely on the underlying os also documentation in my opinion could use some improvements as nothing is mentioned there either when u follow the installation guide.

I just wanted to point out that i feel that on this part there is some work to do.
As a zabbix trainer i see that most people struggle with the snmp traps.
Zabbix makes difficult things fairly easy to do with the interface even tho the interface is not always straight forward.

When it comes to logging there will be some improvements in the future.
Value extracting from logfiles is added in 2.2

I hope when plugins come out that zabbix will get the same community support that nagios has now. Something like puppetforge would be a great extra for the zabbix eco system imho.

08/22/13
George-wenzel-li?1376406550
George WenzelReal User

You are absolutely right, in fact, you understate the learning curve issues that Zabbix has. The first time I installed Zabbix, I failed to make it do anything and gave up. I was an experienced expert, but I was also impatient. The Zabbix documentation is well written, but it is missing some critical final steps. The installation documentation was great, and it got me to the point that the system was up and running, but it didn't do anything yet. It would be helpful if there was a post install document that took the user through the configuration of 10 example devices, enough to cover all of the various ways a new admin wants to use the system.

My first failure was because I wanted to read snmp interface counters as the first thing. To me that is easy now, but without a good starting point I fumbled with it for a couple days without any success at all. There were several steps, and I was missing a critical one somewhere. I would have been using Zabbix a year sooner had that first experience been smoother.

But I allude to that in the review when I say "The auto-discovery function could be improved to include more hands-off automation." What I mean by this is best explained by using an example of a high end product that I have also used called NetMRI. I have no idea how to configure NetMRI, despite the fact I am using it, and had no help setting it up. When I installed NetMRI (it is shipped as a VM or a hardware appliance, so installation is actually already done) all I had to do is get myself logged in, and then tell NetMRI about my network. I gave it my IP address ranges, and the passwords and community strings of my equipment. NetMRI found all of my equipment, and installed it all for me in a very comprehensive manner. That is, it installed the popular name-brand equipment like Cisco. What NetMRI did not do is install some of my non-mainstream equipment, such as Alcatel xDSL DSLAMs and Redback routers. The equipment it did not install would never be used in a normal IT setting, so it was not supported. NetMRI is expansive, but what you get for the money is an expert system that is pre-configured for hundreds or even thousands of popular types of IT equipment. I have no doubt that NetMRI can be manually configured just like Zabbix can be, but in all honesty, if I'm going to configure something by hand, I'll stick to Zabbix. But the point is that Zabbix could have some additional smarts added to it to make it more useful to the novice user. In the 5 minutes I spent configuring NetMRI, I was finished. I don't expect Zabbix to be on that level, but they can aspire to get closer. At the very least, the install documentation should be expanded to include a range of examples such as "This is how you set up a Ciswco Switch", and "This is how to set-up a Server". To be fair all of this IS documented, but it is not the same step by step manner that the installation is documented (at least it wasn't around 1.4 when I needed it)

So I agree with you 100%, Zabbix is hard to use, the amount of configuration required is high. For the expert that is a good thing. But for the person trying to get started with baby steps, there was no good starting point clearly laid out. But that is probably true for most of the open source systems that do more than ping. Keep in mind I am experienced now, so it is quite possible that the documentation I wish they had years ago exists now, but I assume from your comments that it doesn't.

But trust me, if you stick with it, and get past the learning curve of writing your own scripts to take data from the real world and feed it into Zabbix, you will eventually begin to love it.

Plus, you want this stuff to be a little hard... the skills you learn/earn will only have value if they are hard for others to obtain.

08/22/13
Patrik-li?1376993267
PatrikConsultant

From your writings it's clear that u are a hardcore zabbix user and that u know the product very well.

Well since 1.8 the documentation is for an open-source product very impressive
just some points are still lacking a bit like snmp traps

http://www.zabbix.com/documentation.php

community is working to on documentation i have written a few myself so

https://www.zabbix.org/wiki/Main_Page

Zabbix is def getting there and it's a shame that most people still only know nagios or one of the forks as zabbix is much more mature in most of the ways footprints are low and support on the forum and on irc is amazing from the devs.

for those willing to learn more i can recommand the book written by one of the devs now it's a bit outdate for zabbix 1.8 but it explains alot with examples it's more like a complet walkthrue. As far as i know this is also the only book available at this moment.

08/22/13
George-wenzel-li?1376406550
George WenzelReal User

I purchased a copy of that book myself. I can't say that I read very much of it, but I keep it around for others, and I like the idea of supporting the author of my favorite management system.

As for the SNMP traps, when I refer to the Zabbix documentation, I incorrectly lump the official and community documentation together. I'm a googler, so they tend to transparently intermingle under my fingertips. But yes, the SNMP traps are documented on the community wiki with four different recipes,

08/23/13